PT-2024-38458 · WordPress · Atarim

Lucio Sá · Published 2024-08-10 · Updated 2024-08-12 · CVE-2024-7621

CVSS v3.1: 5.4 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Atarim plugin for WordPress versions prior to 4.0.3

Description

The issue allows authenticated attackers with Subscriber-level access and above to modify data due to a missing capability check on the process_wpfeedback_misc_options() function. This can be leveraged to update the plugin's settings and gain access to them.

Recommendations

For versions prior to 4.0.3, update to version 4.0.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the process_wpfeedback_misc_options() function to prevent unauthorized modifications.

Fix

Missing Authorization

Weakness Enumeration

Related Identifiers

CVE-2024-7621

Affected Products

Atarim